annotate mod_register_json/register_json/mod_register_json.lua @ 5406:b86d80e21c60

mod_http_oauth2: Validate consistency of response and grant types Ensure that these correlated fields make sense per RFC 7591 ยง 2.1, even though we currently only check the response type during authorization. This could probably all be deleted if (when!) we remove the implicit grant, since then these things don't make any sense anymore.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:34:31 +0200
parents 7dbde05b48a9
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
1 -- Expose a simple token based servlet to handle user registrations from web pages
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
2 -- through Base64 encoded JSON.
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
3
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
4 -- Copyright (C) 2010 - 2013, Marco Cirillo (LW.Org)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
5
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
6 local datamanager = datamanager
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
7 local b64_decode = require "util.encodings".base64.decode
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
8 local b64_encode = require "util.encodings".base64.encode
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
9 local http_event = require "net.http.server".fire_event
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
10 local jid_prep = require "util.jid".prep
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
11 local jid_split = require "util.jid".split
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
12 local json_decode = require "util.json".decode
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
13 local nodeprep = require "util.encodings".stringprep.nodeprep
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
14 local open, os_time, setmt, type = io.open, os.time, setmetatable, type
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
15 local sha1 = require "util.hashes".sha1
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
16 local urldecode = http.urldecode
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
17 local usermanager = usermanager
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
18 local uuid_gen = require "util.uuid".generate
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
19 local timer = require "util.timer"
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
20
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
21 module:depends("http")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
22
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
23 -- Pick up configuration and setup stores/variables.
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
24
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
25 local auth_token = module:get_option_string("reg_servlet_auth_token")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
26 local secure = module:get_option_boolean("reg_servlet_secure", true)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
27 local base_path = module:get_option_string("reg_servlet_base", "/register_account/")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
28 local throttle_time = module:get_option_number("reg_servlet_ttime", nil)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
29 local whitelist = module:get_option_set("reg_servlet_wl", {})
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
30 local blacklist = module:get_option_set("reg_servlet_bl", {})
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
31 local fm_patterns = module:get_option("reg_servlet_filtered_mails", {})
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
32 if type(fm_patterns) ~= "table" then fm_patterns = {} end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
33
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
34 local files_base = module.path:gsub("/[^/]+$","") .. "/template/"
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
35
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
36 local recent_ips = {}
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
37 local pending = {}
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
38 local pending_node = {}
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
39
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
40 -- Setup hashes data structure
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
41
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
42 hashes = { _index = {} }
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
43 local hashes_mt = {} ; hashes_mt.__index = hashes_mt
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
44 function hashes_mt:add(node, mail)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
45 local _hash = b64_encode(sha1(mail))
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
46 if not self:exists(_hash) then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
47 self[_hash] = node ; self._index[node] = _hash ; self:save()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
48 return true
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
49 else
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
50 return false
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
51 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
52 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
53 function hashes_mt:exists(hash)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
54 if hashes[hash] then return true else return false end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
55 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
56 function hashes_mt:remove(node)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
57 local _hash = self._index[node]
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
58 if _hash then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
59 self[_hash] = nil ; self._index[node] = nil ; self:save()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
60 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
61 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
62 function hashes_mt:save()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
63 if not datamanager.store("register_json", module.host, "hashes", hashes) then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
64 module:log("error", "Failed to save the mail addresses' hashes store.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
65 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
66 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
67
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
68 local function check_mail(address)
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
69 for _, pattern in ipairs(fm_patterns) do
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
70 if address:match(pattern) then return false end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
71 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
72 return true
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
73 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
74
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
75 -- Begin
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
76
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
77 local function handle(code, message) return http_event("http-error", { code = code, message = message }) end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
78 local function http_response(event, code, message, headers)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
79 local response = event.response
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
80
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
81 if headers then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
82 for header, data in pairs(headers) do response.headers[header] = data end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
83 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
84
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
85 response.status_code = code
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
86 response:send(handle(code, message))
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
87 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
88
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
89 local function handle_req(event)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
90 local request = event.request
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
91 if secure and not request.secure then return nil end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
92
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
93 if request.method ~= "POST" then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
94 return http_response(event, 405, "Bad method.", {["Allow"] = "POST"})
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
95 end
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
96
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
97 local req_body
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
98 -- We check that what we have is valid JSON wise else we throw an error...
991
929dcf3c4bcb mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents: 989
diff changeset
99 if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
100 module:log("debug", "Data submitted for user registration by %s failed to Decode.", user)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
101 return http_response(event, 400, "Decoding failed.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
102 else
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
103 -- Decode JSON data and check that all bits are there else throw an error
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
104 if req_body["username"] == nil or req_body["password"] == nil or req_body["ip"] == nil or req_body["mail"] == nil or
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
105 req_body["auth_token"] == nil then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
106 module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
107 return http_response(event, 400, "Invalid syntax.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
108 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
109 -- Set up variables
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
110 local username, password, ip, mail, token = req_body.username, req_body.password, req_body.ip, req_body.mail, req_body.auth_token
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
111
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
112 -- Check if user is an admin of said host
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
113 if token ~= auth_token then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
114 module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
115 return http_response(event, 401, "Auth token is invalid! The attempt has been logged.")
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
116 else
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
117 -- Blacklist can be checked here.
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
118 if blacklist:contains(ip) then
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
119 module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip)
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
120 return http_response(event, 403, "The specified address is blacklisted, sorry.")
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
121 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
122
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
123 if not check_mail(mail) then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
124 module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail)
992
794817421fc6 mod_register_json: added missing parameter to some http_response calls.
Marco Cirillo <maranda@lightwitch.org>
parents: 991
diff changeset
125 return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.")
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
126 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
127
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
128 -- We first check if the supplied username for registration is already there.
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
129 -- And nodeprep the username
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
130 username = nodeprep(username)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
131 if not username then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
132 module:log("debug", "An username containing invalid characters was supplied: %s", req_body["username"])
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
133 return http_response(event, 406, "Supplied username contains invalid characters, see RFC 6122.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
134 else
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
135 if pending_node[username] then
995
716a2b9cc18d mod_register_json: fix logging message for already pending registrations' bounces.
Marco Cirillo <maranda@lightwitch.org>
parents: 992
diff changeset
136 module:log("warn", "%s attempted to submit a registration request but another request for that user (%s) is pending", ip, username)
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
137 return http_response(event, 401, "Another user registration by that username is pending.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
138 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
139
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
140 if not usermanager.user_exists(username, module.host) then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
141 -- if username fails to register successive requests shouldn't be throttled until one is successful.
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
142 if throttle_time and not whitelist:contains(ip) then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
143 if not recent_ips[ip] then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
144 recent_ips[ip] = os_time()
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
145 else
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
146 if os_time() - recent_ips[ip] < throttle_time then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
147 recent_ips[ip] = os_time()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
148 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"])
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
149 return http_response(event, 503, "Request throttled, wait a bit and try again.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
150 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
151 recent_ips[ip] = os_time()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
152 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
153 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
154
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
155 local uuid = uuid_gen()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
156 if not hashes:add(username, mail) then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
157 module:log("warn", "%s (%s) attempted to register to the server with an E-Mail address we already possess the hash of.", username, ip)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
158 return http_response(event, 409, "The E-Mail Address provided matches the hash associated to an existing account.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
159 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
160 pending[uuid] = { node = username, password = password, ip = ip }
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
161 pending_node[username] = uuid
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
162
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
163 timer.add_task(300, function()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
164 if pending[uuid] then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
165 pending[uuid] = nil
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
166 pending_node[username] = nil
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
167 hashes:remove(username)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
168 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
169 end)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
170 module:log("info", "%s (%s) submitted a registration request and is awaiting final verification", username, uuid)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
171 return uuid
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
172 else
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
173 module:log("debug", "%s registration data submission failed (user already exists)", username)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
174 return http_response(event, 409, "User already exists.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
175 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
176 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
177 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
178 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
179 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
180
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
181 local function open_file(file)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
182 local f, err = open(file, "rb");
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
183 if not f then return nil end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
184
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
185 local data = f:read("*a") ; f:close()
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
186 return data
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
187 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
188
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
189 local function r_template(event, type)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
190 local data = open_file(files_base..type.."_t.html")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
191 if data then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
192 data = data:gsub("%%REG%-URL", base_path.."verify/")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
193 return data
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
194 else return http_response(event, 500, "Failed to obtain template.") end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
195 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
196
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
197 local function handle_verify(event, path)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
198 local request = event.request
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
199 local body = request.body
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
200 if secure and not request.secure then return nil end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
201
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
202 local valid_files = {
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
203 ["css/style.css"] = files_base.."css/style.css",
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
204 ["images/tile.png"] = files_base.."images/tile.png",
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
205 ["images/header.png"] = files_base.."images/header.png"
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
206 }
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
207
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
208 if request.method == "GET" then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
209 if path == "" then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
210 return r_template(event, "form")
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
211 end
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
212
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
213 if valid_files[path] then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
214 local data = open_file(valid_files[path])
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
215 if data then return data
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
216 else return http_response(event, 404, "Not found.") end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
217 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
218 elseif request.method == "POST" then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
219 if path == "" then
991
929dcf3c4bcb mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents: 989
diff changeset
220 if not body then return http_response(event, 400, "Bad Request.") end
929dcf3c4bcb mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents: 989
diff changeset
221 local uuid = urldecode(body):match("^uuid=(.*)$")
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
222
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
223 if not pending[uuid] then
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
224 return r_template(event, "fail")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
225 else
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
226 local username, password, ip =
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
227 pending[uuid].node, pending[uuid].password, pending[uuid].ip
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
228
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
229 local ok, error = usermanager.create_user(username, password, module.host)
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
230 if ok then
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
231 module:fire_event(
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
232 "user-registered",
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
233 { username = username, host = module.host, source = "mod_register_json", session = { ip = ip } }
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
234 )
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
235 module:log("info", "Account %s@%s is successfully verified and activated", username, module.host)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
236 -- we shall not clean the user from the pending lists as long as registration doesn't succeed.
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
237 pending[uuid] = nil ; pending_node[username] = nil
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
238 return r_template(event, "success")
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
239 else
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
240 module:log("error", "User creation failed: "..error)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
241 return http_response(event, 500, "Encountered server error while creating the user: "..error)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
242 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
243 end
1343
7dbde05b48a9 all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents: 995
diff changeset
244 end
989
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
245 else
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
246 return http_response(event, 405, "Invalid method.")
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
247 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
248 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
249
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
250 local function handle_user_deletion(event)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
251 local user, hostname = event.username, event.host
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
252 if hostname == module.host then hashes:remove(user) end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
253 end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
254
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
255 -- Set it up!
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
256
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
257 hashes = datamanager.load("register_json", module.host, "hashes") or hashes ; setmt(hashes, hashes_mt)
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
258
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
259 module:provides("http", {
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
260 default_path = base_path,
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
261 route = {
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
262 ["GET /"] = handle_req,
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
263 ["POST /"] = handle_req,
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
264 ["GET /verify/*"] = handle_verify,
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
265 ["POST /verify/*"] = handle_verify
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
266 }
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
267 })
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
268
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
269 module:hook_global("user-deleted", handle_user_deletion, 10);
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
270
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
271 -- Reloadability
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
272
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
273 module.save = function() return { hashes = hashes } end
7c04c5856daa mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff changeset
274 module.restore = function(data) hashes = data.hashes or { _index = {} } ; setmt(hashes, hashes_mt) end